Oracle Commerce
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-2463 | Cri | 0.64 | 9.8 | 0.02 | Jul 21, 2021 | Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.0.0, 11.1.0, 11.2.0 and 11.3.0-11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network… | ||
| CVE-2022-21466 | Hig | 0.49 | 7.5 | 0.02 | Apr 19, 2022 | Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle… | ||
| CVE-2020-14536 | Hig | 0.48 | 7.4 | 0.02 | Jul 15, 2020 | Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Workbench). Supported versions that are affected are 11.0, 11.1, 11.2 and prior to 11.3.1. Difficult to exploit vulnerability allows unauthenticated… | ||
| CVE-2020-14535 | Hig | 0.48 | 7.4 | 0.02 | Jul 15, 2020 | Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce (component: Commerce Service Center). Supported versions that are affected are 11.1, 11.2 and prior to 11.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access… | ||
| CVE-2019-2713 | Med | 0.42 | 6.5 | 0.01 | Apr 23, 2019 | Vulnerability in the Oracle Commerce Merchandising component of Oracle Commerce (subcomponent: Asset Manager). The supported version that is affected is 11.2.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle… | ||
| CVE-2023-22029 | Med | 0.40 | 6.1 | 0.00 | Oct 17, 2023 | Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Workbench). The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce… | ||
| CVE-2021-2462 | Med | 0.40 | 6.1 | 0.01 | Jul 21, 2021 | Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce (component: Commerce Service Center). Supported versions that are affected are 11.0.0, 11.1.0, 11.2.0 and 11.3.0-11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network… | ||
| CVE-2019-2659 | Med | 0.40 | 6.1 | 0.01 | Apr 23, 2019 | Vulnerability in the Oracle Commerce Platform component of Oracle Commerce (subcomponent: Dynamo Application Framework). The supported version that is affected is 11.2.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to… | ||
| CVE-2022-21559 | Med | 0.36 | 5.5 | 0.00 | Jul 19, 2022 | Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with logon to the… | ||
| CVE-2022-21387 | Med | 0.35 | 5.3 | 0.01 | Jan 19, 2022 | Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP… | ||
| CVE-2021-2346 | Med | 0.35 | 5.4 | 0.01 | Jul 21, 2021 | Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network… | ||
| CVE-2021-2345 | Med | 0.35 | 5.4 | 0.01 | Jul 21, 2021 | Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network… | ||
| CVE-2020-14532 | Med | 0.31 | 4.7 | 0.01 | Jul 15, 2020 | Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.1, 11.2 and prior to 11.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via… | ||
| CVE-2020-14533 | Low | 0.23 | 3.5 | 0.01 | Jul 15, 2020 | Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.1, 11.2 and prior to 11.3.1. Easily exploitable vulnerability allows high privileged attacker with network access via… |
- risk 0.64cvss 9.8epss 0.02
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.0.0, 11.1.0, 11.2.0 and 11.3.0-11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network…
- risk 0.49cvss 7.5epss 0.02
Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…
- risk 0.48cvss 7.4epss 0.02
Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Workbench). Supported versions that are affected are 11.0, 11.1, 11.2 and prior to 11.3.1. Difficult to exploit vulnerability allows unauthenticated…
- risk 0.48cvss 7.4epss 0.02
Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce (component: Commerce Service Center). Supported versions that are affected are 11.1, 11.2 and prior to 11.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access…
- risk 0.42cvss 6.5epss 0.01
Vulnerability in the Oracle Commerce Merchandising component of Oracle Commerce (subcomponent: Asset Manager). The supported version that is affected is 11.2.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…
- risk 0.40cvss 6.1epss 0.00
Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Workbench). The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce…
- risk 0.40cvss 6.1epss 0.01
Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce (component: Commerce Service Center). Supported versions that are affected are 11.0.0, 11.1.0, 11.2.0 and 11.3.0-11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network…
- risk 0.40cvss 6.1epss 0.01
Vulnerability in the Oracle Commerce Platform component of Oracle Commerce (subcomponent: Dynamo Application Framework). The supported version that is affected is 11.2.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…
- risk 0.36cvss 5.5epss 0.00
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with logon to the…
- risk 0.35cvss 5.3epss 0.01
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP…
- risk 0.35cvss 5.4epss 0.01
Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network…
- risk 0.35cvss 5.4epss 0.01
Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network…
- risk 0.31cvss 4.7epss 0.01
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.1, 11.2 and prior to 11.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via…
- risk 0.23cvss 3.5epss 0.01
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.1, 11.2 and prior to 11.3.1. Easily exploitable vulnerability allows high privileged attacker with network access via…